Security Engineer

Company Mission

Payhawk is a leading global spend management solution for scaling businesses. Headquartered in London and combining company cards, reimbursable expenses and accounts payable into a single product; its future-facing technology enables finance teams to control and automate company spending at scale.

The Payhawk customer base includes fast-growing and mature multinational companies in 32 countries including LuxAir and Wagestream. With offices in New York, London, Berlin, Munich , Barcelona, Paris, Amsterdam, Vilnius and Sofia; Payhawk is backed by renowned investors such as Lightspeed Venture Partners, Greenoaks, QED Investors, Bek Ventures and Eleven Ventures.

Our values include supporting flat hierarchies, taking ownership and responsibility, seeking and providing feedback, managing constructive critique, and speaking our minds. We understand that the best ideas don’t all come from the same place, so we encourage diversity and inclusion in all areas of our work.

The future of fintech is about more than money, and we believe in work-life balance, continual learning, and empowered teams. We’re also on a journey to measure and improve our environmental and social impact. From virtual cards to digital subscriptions, our software and automation help take paper out of the equation for our customers, too.

We’re changing the world of payments, and we’re looking for an exceptional team to help us. 

 

About the Role

We are looking for an experienced Security Engineer to assist in maintaining and improving the organization’s security posture through proactive monitoring, vulnerability management, and incident response. As a key member in our IT & Security Team. this role is ideal for individuals passionate about cybersecurity who are eager to grow their technical skills and contribute to safeguarding enterprise systems and data.

Responsibilities

• Lead the evaluation, implementation, and continuous improvement of cybersecurity controls across the organization to ensure alignment with internal security standards and regulatory requirements.
• Conduct vulnerability assessments and coordinate remediation activities with engineering and infrastructure teams, including risk prioritization, tracking, and reporting.
• Manage and maintain endpoint security controls, including system monitoring, patch management, and security configuration to ensure optimal performance and protection across enterprise environments.
• Configure, manage, and optimize the organization’s mobile device management (MDM) and endpoint protection platforms, ensuring effective coverage and policy enforcement.
• Oversee software deployment, operating system imaging, and patch compliance across enterprise endpoints, ensuring timely updates and adherence to security baselines.
• Monitor, investigate, and respond to security alerts and incidents using SIEM, EDR, and related security tools, ensuring effective containment, remediation, and post-incident analysis.
• Document security monitoring activities, incident investigations, and response actions in ticketing and case management systems to ensure traceability and continuous improvement.
• Collaborate with engineering, IT, and product teams to define, implement, and maintain security baselines and secure configurations across systems and endpoints.
• Participate in the security assessment and due diligence of third-party vendors and service providers, including reviewing security documentation and identifying potential risks.
• Assist in responding to customer security inquiries and completing security questionnaires, supporting sales and customer assurance processes with accurate and timely information.
• Contribute to security awareness initiatives and promote security best practices across the organization.
• Provide guidance and mentorship to junior team members on security operations, endpoint security, and incident response practices.

 

Requirements

Education & Certifications

• Degree in Computer Science, Information Security, Information Technology, or a related field.
• 4+ years of experience in cybersecurity, information security, or a related technical role.
• Professional security certifications are considered a strong advantage, such as CompTIA Security+, Cisco CyberOps Associate/Professional, Azure Security Engineer, Google Professional Cloud Security Engineer, CEH, or similar security certifications.

 

Technical Skills

• Understanding of networking concepts and protocols, including TCP/IP, DNS, firewalls, VPNs, and network segmentation.
• Hands-on experience in security operations, including endpoint security, vulnerability management, threat detection, and incident response within enterprise environments.
• Practical experience with SIEM, EDR, and centralized logging platforms (e.g., Splunk, Microsoft Sentinel, CrowdStrike, or similar), including alert investigation, detection tuning, and incident analysis.
• Experience with vulnerability management tools (e.g., Nessus, Qualys, OpenVAS) and the ability to interpret scan results, prioritize remediation, and coordinate fixes with engineering or infrastructure teams.
• Ability to develop or maintain automation scripts using PowerShell, Python, or Bash to improve security monitoring, reporting, or operational workflows.
• Familiarity with endpoint management and security technologies, including MDM platforms and endpoint protection solutions.
• Understanding of security best practices, system hardening, and security baselines across operating systems and enterprise environments.
• Continuous professional development through security certifications, training, industry events, or participation in the cybersecurity community.

 

Soft Skills

Strong analytical and problem-solving skills

• High attention to detail and ability to prioritize tasks in a fast-paced environment

Excellent communication and teamwork

• Eagerness to learn, adapt, and grow in a dynamic cybersecurity team.

Company Benefits

• Competitive compensation package
• 30 days holiday paid leave
• One week exchange policy to another Payhawk office (London, Berlin, Barcelona, Paris, Amsterdam and Vilnius)
• Flexible working hours and opportunity to work from home
• Regular team-wide events
• Additional medical care
• MultiSport card fully funded by us
• Company office massages
• Personal assistant service
• Opportunity to use the Payhawk product (that is, essentially, built by you).